facebook breach lawsuit

Flickr/JD Lasica

Facebook sued over data breach that involved 50 million accounts

The lawsuit will likely be the first of many.


Joseph Knoop


A class-action lawsuit has been filed against Facebook by two California residents who claim the company acted negligently, violated California’s unfair competition law, and concealed its “grossly inadequate” security measures following a massive data breach.

According to a report by Bloomberg, the lawsuit was filed Friday, shortly after Facebook released a statement saying that a breach in its security protocols had allowed hackers unfettered access into almost 50 million users’ accounts.

In addition to resetting the log-in parameters (“access tokens” that let users stay logged-in without having to re-enter a password every time) for those initial 50 million accounts, Facebook also said it was resetting access tokens for another 40 million accounts that were subjected to the same security threats.

Carla Echavarrai and Derrick Walker are the two individuals behind the lawsuit, and based on the lawsuit’s descriptions, are fairly regular Facebook users. The lawsuit was filed in California’s Northern District Court, and aims to represent “all persons who registered for Facebook accounts in the United States and whose PII was accessed, compromised, or stolen from Facebook in the September 2018 Data Breach.”

Since the breach’s announcement in a blog post by Facebook, the company has held two conference calls since Friday, but hasn’t released any additional details on who might be behind the attack, who is affected, or why the company believes specifically 50 million accounts were impacted.

User data “was exposed due to a flaw in Facebook’s code that allowed hackers and other nefarious users to take over user accounts and siphon off Personal Information for unsavory and illegal purposes,” according to the complaint.

The lawsuit is likely to be the first of many. Facebook experienced a deluge of class action lawsuits after the company sold the data of 87 million users to Cambridge Analytica, a political data firm employed by President Donald Trump‘s campaign, without users’ knowledge.

H/T: BloombergGizmodo

The Daily Dot